{
  "threat_severity" : "Critical",
  "public_date" : "2011-03-01T00:00:00Z",
  "bugzilla" : {
    "description" : "Mozilla Buffer overflow in JavaScript upvarMap (MFSA 2011-04)",
    "id" : "675091",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=675091"
  },
  "cvss" : {
    "cvss_base_score" : "6.8",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "details" : [ "Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an \"upvarMap\" issue." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "release_date" : "2011-03-02T00:00:00Z",
    "advisory" : "RHSA-2011:0310",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4",
    "package" : "firefox-0:3.6.14-4.el4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2011-03-02T00:00:00Z",
    "advisory" : "RHSA-2011:0310",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "firefox-0:3.6.14-4.el5_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2011-03-02T00:00:00Z",
    "advisory" : "RHSA-2011:0310",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "xulrunner-0:1.9.2.14-4.el5_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2011-03-02T00:00:00Z",
    "advisory" : "RHSA-2011:0310",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "firefox-0:3.6.14-4.el6_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2011-03-02T00:00:00Z",
    "advisory" : "RHSA-2011:0310",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "xulrunner-0:1.9.2.14-3.el6_0"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux Extended Update Support 4.8",
    "fix_state" : "Affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:rhel_eus:4.8"
  }, {
    "product_name" : "Red Hat Enterprise Linux Extended Update Support 5.6",
    "fix_state" : "Affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:rhel_eus:5.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux Extended Update Support 6.0",
    "fix_state" : "Affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.0"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-0054\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-0054" ],
  "name" : "CVE-2011-0054",
  "csaw" : false
}